Methods and systems for promoting security in a computer system employing attached storage devices

ABSTRACT

The present methods and systems use specially isolated techniques for promoting security in a computer system. In one embodiment of these methods and systems, a simple file system is concealed in the storage of the computer system and is managed with a processor and simple non-writeable code operating on the storage device. Strong cryptographic design permits the present computer security methods and systems to secure data on the storage device. In one method embodiment, a computer system is provided with an operating system in operative association with at least one storage device, wherein the storage device includes firmware and a processor for processing data and instructions stored on the storage device. The method includes creating at least one security partition in, and restricting access to, at least a portion of the storage device by the operating system. The method also includes creating at least one security partition in the storage device. The method also includes providing at least one authority record and data associated with the authority record in the storage device. System and computer-readable medium embodiments structured in accordance with the method embodiments discussed herein are also provided.

BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention generally relates to methods and systemsfor securing computer systems. The present invention more particularlyrelates to methods and devices for securing information in a computersystem wherein the computer system may be connected to a networkedenvironment.

[0003] 2. Description of the Related Art

[0004] With the advent and widespread deployment of the Internet,conventional computer security systems have been found to be deficient.A disadvantage of the Internet is that it permits many ways toinfiltrate conventional computer system perimeter defense systems.Damaging virus programs, for example, can be injected through firewallsand into a computer system. This can compromise data and computerprograms, and therefore derivative capabilities such as digital rightsmanagement.

[0005] This deficiency in computer system perimeter defenses creates theneed to position security defense systems in the local computer system.A conventional example of such localized computer system security isvirus detection software. Virus detection software, however, can besusceptible to many exploits including, but not limited to, “spoofing”or “wrappering” strategies. Consequently, virus detection software maybe made to appear operational when it is not properly operating.

[0006] Perhaps the greatest fundamental problem with conventionalcomputer security systems is that their operation is common to theenvironment of the operating system environment. Furthermore, theoperating system environment for many computer systems is also common tothe Internet environment, for example, or another network communicationsmedium. Because of this common environment, many means of attack on acomputer system are available merely by moving computer code from theInternet to the computer operating system.

[0007] Some conventional methods of computer protection may involvespecial purpose security hardware or firmware installed in the BIOS of acomputer system. These methods can establish secondary lines of defenseinternal to operation of a computer system but external to thecomplicated and error-prone operating system environment. However, thesemethods often fail to recognize that a better line of defense could berealized with non-writeable firmware in the attached storage devicesthat provide the bulk of data and code storage for computer systems.

[0008] Other conventional computer security systems may include asecurity device connected to an SCSI bus that protects storage deviceson the bus. This type of security system recognizes that the storagedevice is more secure while not operating in an environment common tothe operating system. However, the SCSI bus of this system exposes alldevices on the bus, including the storage devices, to access andtherefore requires intimate operating systems involvement. It would bean improvement over this technique to put the security measures in theattached storage firmware and data storage. The same solution could alsothen be applied in SCSI environments and other environments such as ATAstorage device environments.

[0009] Still other computer security systems recognize the benefit ofguarding the storage device at the controller level but are based onshared private keys. Shared private keys are well-known to provide lesssecurity than securing and concealing elements of public-private keyencryption, because authentication keys are shared and not private to asingle device. This type of system is also directed to modification ofthe file management system of the computer operating system andtherefore suffers the same problem of operating system dependenceillustrated above for SCSI security. An improved computer securitysystem could leave the operating system file management intact whilemaintaining separate control over security through a special securityinterface to the attached storage device.

[0010] In another type of computer security system, the securityperimeter consists of self-contained software that exports only a simplestorage interface for external access and verifies the integrity of eachcommand before processing the command. By contrast, most file serversand client machines execute a multitude of services that are susceptibleto attack. Since this self-securing storage device is a single-functiondevice, the task of making it secure is made easier. However, theobjective of this system is to provide for automated recovery to a knowngood state relying on the previous secure storage mechanisms. This typeof system also requires operating systems modification. It incorporatescomplexity, and therefore vulnerability, approaching that of anoperating system, and permits opportunities for the introduction ofTrojan horses, for example, into the system. Furthermore, this type ofsystem does not recognize the improved security afforded by using thestorage device for hiding and securing public-private key operations.

[0011] Security afforded to a computer system by the ATA Host ProtectedArea security protocol can be provided by a method used in connectionwith readying a storage device during the boot phase of a computersystem. In this method, the storage device can be declared to theoperating system to have less storage space than the storage deviceactually has ready for use by the operating system. Special BIOSfirmware or other special code can have exclusive access to theundeclared portion of storage space. As an additional security measure,the ATA Host Protected Area can require passcode access to thisadditional amount of storage space. The ATA Host Protected Area wasoriginally designed to provide security assurance in the form ofenhanced operating system and application crash recovery efficiencies. Aknown good version of the system or application software could be cachedin a location outside the capability of the operating system to address.In practice, this restricts access to a portion of the storage device toa computer program running either in the main device firmware or in theoperating system environment.

[0012] A problem with the ATA Host Protected Area protocol is that it isstill possible to intercept communications with the storage device thatcontain critical information. The hidden ATA Host Protected Areapartition of the storage device can be revealed, for example, by puttingthat same disk drive into another computer that does not reserve theHost Protected space. The passcode, if used, is not retained acrosspower cycles. The ATA Host Protected Area, in practice, is an acceptableplace to protect local backup code and data from virus-like infectionsbut is typically not the best place to conceal data. Furthermore, theonly authentication required by ATA Host Protected Area is a “first comefirst served, winner take all” type of device authentication.Public-private key techniques applied to sections of secure data storagewould provide an improvement in this type of security.

[0013] Therefore, computer security methods and systems are needed thataddress the aforementioned shortcomings in the art. Method and systemapproaches are needed in the storage device environment that provideresistance to unauthorized access and use of computer programs and data.Methods and systems are needed that permit sections of the storagedevice to store data that are not available to the file system oroperating system in a computer system for reading or writing operations,except under controlled and cryptographically-guarded conditions. Suchcontrolled conditions should include device authentication and userauthentication of secured datasets performed externally to the operatingsystem of the computer system. Methods and systems are also needed thatprovide firmware and storage devices with controls on access, storageand retrieval of data. These controls should not be able to be writtenby any process available to the computer system and should be localizedin the attached storage device.

SUMMARY OF THE INVENTION

[0014] The present methods and systems use simple but effective meansfor promoting security in a computer system. In one embodiment of thesemethods and systems, a simple file system is concealed in the computersystem and is managed with a processor and simple non-writeable codeoperating on a storage device. This simplicity of design provides thepresent computer security methods and systems with means for securingdata on the storage device.

[0015] In one method embodiment, a computer system is provided with anoperating system in operative association with at least one storagedevice, wherein the storage device includes firmware and a processor forprocessing data stored on the storage device. The method includescreating at least one security partition in, and restricting access to,at least a portion of the storage device by the operating system. Themethod also includes creating at least one security partition in thestorage device. The method also includes providing at least oneauthority record and data associated with the authority record in thestorage device.

[0016] System and computer-readable medium embodiments structured inaccordance with the method embodiments discussed herein are alsoprovided.

BRIEF DESCRIPTION OF THE DRAWINGS

[0017]FIG. 1 is a diagram showing a system configured in accordance withmethods and systems for promoting computer security;

[0018]FIG. 2 is a schematic showing details of the storage device ofFIG. 1;

[0019]FIG. 3 is a schematic illustrating the interaction between astorage device and an operating system file system of a computer systemin accordance with methods and systems for promoting computer security;

[0020]FIG. 4 is a schematic showing details of the authority records andsecurity partition data shown in FIG. 3;

[0021]FIG. 5 is a tabulation showing portions of an authority recordprovided in accordance with the present computer security methods andsystems;

[0022]FIG. 6 is a tabulation showing a partition header provided inaccordance with the present computer security methods and systems;

[0023]FIG. 7 is a tabulation showing basic storage device proceduresprovided in accordance with the present computer security methods andsystems; and,

[0024]FIG. 8 is a tabulation of error codes that can be generated inaccordance with the present computer security methods and systems.

DETAILED DESCRIPTION Overview

[0025] As used herein, “computer systems” include, but are not limitedto, desktop computer systems, laptop computer systems, networkedcomputer systems, wireless systems such as cellular phones and PDA's,digital cameras including self-contained web-cams, and/or any reasonablecombination of these systems and devices.

[0026] As used herein, the terms “storage device” and “disk drive” or“disk” are interchangeable, except where otherwise noted, and includeany device for storage of data in a computer system in accordance withthe computer security methods and systems discussed herein.Notwithstanding the use of the term “disk” the storage device need notnecessarily incorporate a physical “disk” but preferably incorporates aplace for storage managed by a controller with firmware.

[0027] It can be appreciated that the term “partition” is used incertain embodiments herein to mean a contiguous grouping of 512 byteblocks as allocated by the low-level formatting of the storage device.

[0028] Special security partitions and the structures and processes thatsupport these security partitions are included in the present computersecurity methods and systems. A primary objective of the present methodsand systems is to provide a computer security system that issubstantially not dependent on an operating system.

[0029] Referring now to FIG. 1, the architecture of a network-attacheddevice consistent with the methods and systems discussed hereinafter isshown. The network 2, which can be the Internet or another networkcommunications medium, is connected by a wireless or wired (not shown)connection 4 to the computer system 6 of a user. Inside of the computersystem 6 is an operating system 10, which relies at least in part onsoftware and data obtained from a storage device 12.

[0030] Referring now to FIGS. 1 and 2, a more detailed schematic of thestorage device 12 is shown in FIG. 1. The storage device 12 containsfirmware 14 that reads and writes data from a data storage portion 16 ofthe storage device 12. It can be appreciated that at least a portion ofthe storage device firmware 14 can be re-written by software executed inthe operating system 10. This portion of the storage device firmware 14that can be written can be considered writeable firmware (“WF”). Incontrast, at least a portion of the storage device firmware 14 iswritten by using one or more of a plurality of conventional hardwaremethods that resist this firmware from being written by the operatingsystem 10. This portion of the storage device firmware 14 that cannot bewritten can be considered non-writeable firmware (“NWF”). In oneembodiment, the storage device 12 can also include a separate centralprocessing unit 18 (“CPU”) for directing the firmware 14 to access andotherwise manipulate data in the data storage portion 16 of the storagedevice 12. It can be made a requirement that no data can be transportedto or from the data storage portion 16 of the storage device 12, exceptin connection with execution of the NWF or WF.

[0031] For purposes of illustration, some examples of NWF and WFfirmware can be derived in connection with the ATA and SCSI diskcontroller protocols. At least portions of these protocols relate toconnectivity between the operating system and the data storagecomponents of a computer system. The ATA protocol, for example, permitscustomization of commands, such as controller commands, by a user. Inone embodiment, the present computer security methods and systems offeran addition to the ATA/ATAPI-5 ANSI specification, NCITS 340-2000.However, it can be appreciated that parallel, analogous additions can bemade by the methods and systems addressed herein to the SCSIspecification and other suitable disk controller specifications thatallow, for example, vendor-specific or standards-driven extensions. Itcan also be understood that the methods and systems discussed herein canform the basis for a component part of a new disk controllerspecification.

[0032] Data storage, as applied herein, can be provided in connectionwith a conventional disk controller protocol such as ATA or SCSI. Onetype of security protocol available to ATA, in particular, is known tothose skilled in the art as ATA Host Protected Area. Mapped-out storage,as applied herein, is storage space that is mapped-out by tables in theNWF and WF to indicate bad sectors. It is understood that other data canbe mapped out of the writeable storage by the disk controller for thestorage device.

[0033] Referring now to FIG. 3, the present computer security methodsand systems can augment existing ATA and SCSI protocols, for example,with simple and effective enhanced security protocols. The methods andsystems include a storage device 30 having security partition (“SP”)data 32 and at least one authority record, such as authority record 34,associated with the security partition data 32. These security partitiondata 34 and authority records 34, 36, 38 are contained in a securitypartition of the storage device 30. The present methods and systemsprovide a relatively simple file system located on the low-levelformatting of the storage device 30. The growth of data added to thestorage device 30 proceeds from top to bottom, as shown in FIG. 3, sothat a query of the storage device 30 contents can readily reveal howmuch data storage space remains for use.

[0034] Operations involving the authority records 34, 36, 38 are managedby the firmware of the storage device 30. In one embodiment, allauthority records 34, 36, 38 can be governed by a single masterauthority record 40. As shown, an operating system (“OS”) file system 42is not permitted to access the security partition data 32 contained inthe storage device 30. This independence of the security partition data32 from the OS file system 42 provides an important benefit of thepresent security methods and systems: to create a location on a computersystem where information such as a secret can be effectively concealed.

[0035] Referring now to FIG. 4, a schematic of an authority record 52 ispresented in accordance with the authority records 34, 36, 38 of FIG. 3.The authority record 52 can include data, computer programs, and otherlike information and functionality in association with the SP data 54corresponding to the authority record 52. The contents of the authorityrecord 52 and the SP data 54 (elements 56 through 84) are related toinformation for which concealment is desired and/or functionality thatpromotes secure data processing in a computer system. Types ofinformation that can be stored in SP data 54 and types of secureprocessing functions performed by the authority record 52 in connectionwith the SP data 54, as indicated in elements 56 through 84, arepresented below as examples.

[0036] It can be seen that there are many advantages to a closed,non-expandable, storage and authority system as described herein. Thestorage device can define, for certain data on the disk, a structure forauthorization and authentication that can be readily inspected andaudited. If authorization and authentication functions are not providedin a closed system, then a computer system is generally more vulnerableto attack and infiltration. It can be appreciated that 63 user-definableauthority records and one master record are likely to suffice for mostpractical applications of the present computer security methods andsystems. Because these methods and systems are storage device specificlines of security defense, a single authority can translate to a groupauthority in the operating system environment or an entire domainauthority. Since the authorities can be created and deleted by the useras needed, with the understanding that a master authority record cangovern these user modifications, the present methods and systems providean appropriate line of defense for the computer system.

EXAMPLES

[0037] The following examples are intended to illustrate potentialimplementations of the present computer security method and systemembodiments. It can be appreciated that such examples are intendedprimarily for purposes of illustration. No particular aspect or aspectsof the method and system embodiments described herein are intended tolimit the scope of the present invention. For example, it can beappreciated that a particular choice of nomenclature for securitypartition commands executed by the present computer security methods andsystems are for illustration purposes and are not intended to limit thescope of the present invention.

[0038]FIGS. 5 through 8 outline illustrations of the data content andstructure, basic procedures, and error codes for the present computersecurity methods and systems.

[0039]FIG. 5 shows the fields of a single authority record followed bythe data associated with the authority record. An authority recorddefines one authority (e.g., a user, group, domain, or other agent) anda data set for which the authority record administers accessprotections.

[0040]FIG. 6 shows the header for the partition containing the masterauthority record and its data, which comprises all other authorityrecords for the storage device. This header provides information to thecomputer system for efficient use of the security partition, authorityrecords and their associated SP data.

[0041]FIG. 7 shows the basic storage device procedures associated withthe present computer security methods and systems. These basicprocedures include methods for setting up new authority records,deleting data and/or modifying previous authority records. Also shownare procedures for using the security features built into one or moreuser applications.

[0042]FIG. 8 shows sample error codes that may result from applicationof the various procedures described in FIG. 7.

[0043] As applied to the present computer security methods and systems,reading and writing data to a secured data partition can useconventional read/write mechanisms and protocols. In one aspect, if aread or write of a security partition is attempted, the securitypartition can be opened using a security partition open call, such asthe SPOpen command. Once open, the security partition remains open untilclosed (such as by use of the SPClose command) or until expiration of apredetermined time interval. An SPOpen command can limit read and writeaccess in many ways that are important to security functions needed forthe storage device. In another embodiment, specialized SP, fixed-lengthand record-oriented, read and write operations are permitted that do notleave open the windows of opportunity that the global SPOpen command canpermit.

[0044] In some embodiments, the SPOpen and SPClose commands are notavailable due to security or efficiency considerations and read andwrite operations are performed through the available SPProtRead andSPProtWrite commands. Use of the SPProtRead and SPProtWrite commands canperform an internal, hidden, SPOpen functionally equivalent actionwithout exposing the secure data to user interaction.

[0045] In certain embodiments, the present computer security methods andsystems can use, for example, ANSI X.509 certificates that can employtrap-door cryptographic algorithms such as the well-known RSA algorithmfor authentication. Each authority record can contain one public-privatekey pair for authenticating data that originates from the securitypartition of interest. A second public-private key pair is provided toensure that data can only be sent to the particular security partitionand no other location for storage. These key pairs are associated withX.509 Cert-In (i.e., the data are only transmitted to the desiredpartition) and X.509 Cert-Out (the data are signed and therebyauthenticated to come only from the desired partition). A symmetric keycan be used in a way substantially similar to SSL and other equivalentlysecure streaming protocols to encrypt the data. In this embodiment, thepublic-private keys are used primarily for the hashes associated withthe certificates, although a private key can decode a passcode directedto an authority.

[0046] The present methods and systems can require that theabove-mentioned cryptographic operations are embedded in the firmware orphysical storage of the storage device. The cryptographic code isauthenticated with a root assurance in the NWF of the device. In thismanner, access to reading or writing SP-protected data cannot besusceptible to attack except by physically modifying the storage device.The SP system also provides for encrypting data in the data partition.The encryption utilizes the symmetric key. If encryption is turned off,then the data in the storage device are plain text even though thesymmetric encryption may not have been employed in transmitting the datato and from its storage location. If encryption is turned on, then thedata in the storage device are encrypted even though the symmetricencryption may not have been employed in transmitting the data to andfrom its storage location.

[0047] If the SP data are encrypted and the authority source isexternal, a method and system can be provided to encrypt data on thestorage device so that only an external agent can decrypt the data. TheSP DataEncrypt command encrypts the SP data so that a key can beacquired and applied from an external source.

[0048] In this embodiment, there is no accessible method for decryptingthe data from the storage device based on information available in thestorage device. This method and system involves securely transmittingthe public key and symmetric key. The private key is provided to decryptthe symmetric key when the symmetric key is needed for use in encryptingor decrypting data. This public key/symmetric key/private keyarrangement is a conventional method for providing file encryption. Thepresent computer security methods and systems improve this conventionalmethod by providing for security methods and systems contained only inthe storage device and not as part of an operating system or filesystem.

[0049] Another feature of the authority record that controls the readingand writing of data in a security partition is that certain fields ofthe authority record can be hidden. “Hidden” typically means that thevalues in these fields cannot be read by any external process, i.e., thevalues cannot be read either by a call to the firmware or by directexamination of the contents of the storage device. There are a pluralityof known hardware techniques by which storage can be protected: forexample, mapping out the address space of such storage except to theNWF. Another technique that can be applied in connection with thepasscode field of the authority record is to store only a hash of code.This technique is possible because there is no requirement to read aplain text passcode. In addition, another technique is to hide asymmetric key by encrypting the key with an authority's public key, suchthat only the hidden private key can decode it.

[0050] In practice of the present computer security methods and systems,a distinction can be made between an external authority source and aninternal authority source. If a security partition is an internalauthority source, then the public-private key pairs and symmetric keysare generated internally by the NWF and WF of the storage device. If asecurity partition is an external authority source, then thepublic-private key pairs and the symmetric key can be transmitted by asecure method of transmission (as defined by the SPCSet command, forexample) to the storage device. This means that while certain data, suchas a private key, can be written (such as by the SPCSet or by theinternal key generator), the data are not read by any external process,because they are defined as hidden. It is important that the same “Writebut Not Read” capability can be afforded data in any security partitionthat is a “Write but Not (external) Read” partition. Therefore, a userapplication external to the storage device can employ the storage deviceas a reliable place to conceal information and to perform cryptographicoperations with a relatively high degree of security and secrecy.

[0051] One embodiment of the present computer security methods andsystems provides for declaring SP data to be write-once. Oneillustrative use of this embodiment is in PKI (public keyinfrastructure), wherein a problem exists in validating public keys fora particular authority. The security partition of the present methodsand systems can verify the source of the public key dynamically. Thisovercomes one of the fundamental problems in PKI known as keyrevocation. It is possible with the present methods and systems to havea secure means of dynamically keeping public keys current with arelatively high level of assurance. Another application of thewrite-once embodiment is applied to lock software to a system or diskand create logs that cannot be repudiated or accessed withoutauthorization. In this embodiment, the storage device can be employed toread the log which may contain credit card purchase information, forexample.

[0052] The present computer security embodiments typically use a fixedamount of space associated with each authority record and associateddata set. In addition, one master authority record can contain theauthority records for all other security partitions. For example, eachauthority record can use 2633 bytes of a six block (3072 byte) region,and there can be 64 possible authority records, for a total of 196,608bytes in the security partition which contains the authority records forall security partitions. In this illustrative system, there can only be63 user-definable security partitions. No external authority ispermitted access in this embodiment except as defined by the externalsource of private/public/symmetric keys. This means that only anauthority record defined on the storage device can be an authoritypermitted to read or write any other authority record and/or data set.It can be appreciated that an allowance is made in thepublicly-readable, and typically factory-set, authority record header toexpand or reduce this closed system of authority to more than or lessthan 64 total authority records.

[0053] In embodiments of the present computer security systems thatmaintain a finite number of authority records with a fixed-spaceutilization for the master authority record, the performance penaltyassociated with having an SP-enabled storage device can be regulated. Ingeneral, any read or write operation on the storage device checks todetermine whether low-level storage addresses (e.g, cylinder, head,sector, block and the like) are protected by a security partition.

[0054] In another embodiment, the security partition region is modeledlike an ATA Host Protected Area region. The partition containing themaster authority record and the other authority records has a known,fixed size and uses storage hidden even from an ATA Host Protected Areacall. Any partitions below the master authority record can use the topportion of the ATA Host Protected Area space. Since write and readoperations in the ATA Host Protected Area space are typically rare, itcan be effective to add a function to check for SP-protected regions.

[0055] In another aspect of the present methods and systems, anSPAuthHeader call returns a list of protected disk address regions. Bydesignating a fixed region of the storage device to be the area where SPdata resides, the function of checking for permitted write operationscan be performed. The SPAuthHeader call returns values synthesized andstored in the extended authority partition header. It is useful for thiscall to report contiguous regions of the storage device that areSP-protected. In this manner, user software can be warned not to attemptto address those regions without appropriate SPOpen calls. AnSPAuthHeader call may not report disk addresses to which a user does nothave access.

[0056] It can be appreciated that a user-defined SP data partition canconsume the entire storage capacity of the storage device if suchconsumption is permitted by the NWF and WF. This is one reason forrestricting authority to read and write the master authority record toonly predetermined users. The present system can provide authenticationof these predetermined users and minimize the number of users who haveadministrator-level control over the authority records.

[0057] An important function of the SPAuthHeader call is to return thepublic key for communicating to the master authority record. Thisfunction is important because the master authority record requirespublic-key encryption for the passcode needed to access the masterauthority record. A factory distributed storage device can have apasscode structured so that software attempting to initialize the masterauthority record must know the passcode. The passcode is also structuredso that it cannot be “sniffed” or otherwise inspected in transit becauseof the passcode's encryption with the master authority record's publickey.

[0058] It is known that publishing a public key for encrypting passcodescan make use of the public key susceptible to a replay attack. To resistsuch attacks, one embodiment of the present security methods and systemsincludes SPNonce (which contains a “nonce”) and SPAuthNonce fields inthe authority record and the authority header. The nonce can be a randomnumber up to 256 bytes in length that is intended for one-time use. Inone embodiment, the nonce is encrypted with the public key as a portionof the passcode. This ensures that the sender of the passcode knows thepasscode. The nonce is made a part of the authority record so that thenonce can be passed to the NWF and WF. This permits the nonce to be usedto gain authority to remote storage devices through passcodes that arestored and hidden in user authority records.

[0059] For generation of keys and nonces, a random number generator canbe provided in the NWF and WF. Certain storage devices, such as harddisks, afford opportunities for measuring random mechanical orelectronic error that can be cultivated as a source for random numbers.The present computer security methods and systems can use thiscontinuous random number, for example, with secure storage-to-storagetransmission to create one-time pads. One-time pads are well-knownperfect encryption-decryption techniques.

[0060] It can be appreciated that since an authority record can have SPdata that have start times, end times, and/or instructions to remove ortransfer SP data at a predetermined time, then a reliable source forclock time is needed. Benefit can be obtained by having a clock insidethe storage device that can be synchronized to an external clock througha secure authorized transmission. This necessitates an additional callthat has an authority record set aside or that needs use of the masterauthority record. By reducing the amount of time the nonce is consideredto be valid, then the error in the transmitted clock time can bebounded.

[0061] A common use of a secure partition is to store the public keys ofother secure partitions on other devices. In this embodiment, a securenetwork of storage devices can be achieved, because the passcodes thatpermit access to other authority records on other devices are themselvesencrypted inside the storage devices. For example, it is possible tocreate one or more master registries that can securely manage thesecurity partitions on a number of other storage devices.

[0062] It can be appreciated that the present computer securityembodiments must deal with call authentication to secure code and datain the operating system environment. Call authentication has two generalcases. In one case, it is necessary to authenticate that a computerprogram, for example, that is called is the correct computer program. Inthe other case, it is necessary to authenticate that the program orroutine that calls the computer program is the correct program orroutine.

[0063] Call authentication provides the basis for secure communicationsbetween code running in the operating system and the storage deviceauthority. The general case for the operating system is to have aplurality of loader/linkers. These are operating system programs thatread code from storage; assign symbolic, virtual and physical addresses;initialize values; load the code into execution memory; and can alsoinitiate code execution.

[0064] A conventional practice is to put code authentication in theloader/linker. However, once legitimate code is authenticated, loadedand linked, intrusive code can modify the legitimate code duringexecution. Introduction of intrusive code can be readily performed ifthe code that is linked and loaded can read data from the storage deviceand interpret that data as a program code. Many programs have thecapacity to introduce intrusive code accidentally in this manner.However, even without this capacity, there are schemes such as aconventional buffer-overflow exploit that can replace code known to beauthentic with intrusive code.

[0065] Code authentication is nevertheless useful at the loader/linkerlevel. If all reads of data that are to function as code areauthenticated reads, then much of the benefit of code authentication canbe realized. If buffer-overflow and similar exploits are eliminatedthrough good programming practice, then code authentication can be aneffective technique. It is well known, however, that code running in anopen operating system environment often fails to conform to goodsecurity practices.

[0066] The present computer security methods and systems can provide acomponent for code authentication. In one embodiment, one or moreauthority records can be employed by one or more linker/loaders to storepublic keys as data and check the code being loaded for authenticity.The loader/linker can therefore be certain that the public key, the hashvalue, and the code are authentic. The loader/linker code can be storedin non-writeable space in one authority record to ensure that itsessential code is unaffected.

[0067] Code authentication can handle the call authentication problemonly if all calls are made to properly authenticated code. There remainsa possibility that intrusive data can be introduced that cause a call toan incorrect code segment. In an operating system where communication isdefined through message passing or similar object-oriented methods,calling is done by name or handle. The authority record can be employedin a “write-once-no-delete” mode to record authenticated calls betweencode segments. If all code segments are authenticated, then they arecoded typically to proper bound-checking standards. In this case, thecall-path is authenticated and is unlikely to have a security breach.

[0068] Another method for providing call authentication involves thewell-known principle of wrappering code segments. In this method, a codesegment is executed within the memory space of another code segment thathas been introduced either by the code compiler or the loader/linker. Anexample of this is the debugging function in a conventional compiler.Another example is in interpreted byte code systems. Assuming that thewrappering code is available directly from protected disk authorityspace, then it can provide for fully call-authenticated action by a codemodule. The method confirms that calls external to the code are calls tothe symbolic, virtual, or physical addresses originally authenticated.For example, if a code set should not open a port to the Internet, thenthe wrapper provides an alarm if such a port opening was attempted. Thedata that records the calls permitted within the wrapper are preferablystored in a secure, non-writeable authority record.

[0069] The general solution to call authentication within the presentcomputer security methods and systems employs the storage device tostore authentication data; to perform the authentication computation;and to store special code segments from which roots of trust in theoperating system environment can be established. In general, keylinker/loaders and code interpreters are sufficient to establish truston particular code operating within the operating system environment.This is an improvement over other approaches that propose radicallyaltering the file system or securing the entire operating systemenvironment when that environment cannot usually be completely secured.The present computer security embodiments provide key tools that can beemployed to secure code execution within the operating systemenvironment and therefore provide a scaleable solution to the callauthentication problem.

[0070] Benefits/Advantages

[0071] The methods and systems discussed herein provide significantimprovements and advantages for promoting computer system security thatinclude the following benefits:

[0072] Internal security is provided for a computer system that uses alocal or remote storage device for program and data. The storage devicecan be one or more storage devices that can reside in a single computersystem. The computer systems can be connected by a bus or a network.

[0073] Protection of a computer system from network-originated attacks,particularly where the computer system relies on storage devices.

[0074] Protection of data and computer programs against unauthorized useand copying within a computer device and/or system.

[0075] Permit a storage device to secure and conceal private keys andalso sign and check messages in a hidden but authenticated manner.

[0076] Upgrade of existing computer security systems in a local area orwide area enterprise that depends on electronic or electro-optic dataand computer programs.

[0077] Transmission of data and computer programs to a storage devicethrough broadband and/or narrowband unswitched and/or switched networks,so that an indication of the secure and accurate function of the dataand/or computer programs in the computer system can be provided.

[0078] Transmitting, storing and managing public keys for a public keyinfrastructure; and for transmitting, storing, and managing private keysfor cryptographic use.

[0079] Managing the integrity and rights of multimedia audio and videocontent across many storage devices both local area and wide area.

[0080] Providing storage security while not hampering storage deviceperformance in normal use.

[0081] Improving use of the ANSI ATA-4 and ATA-5 Host Protected Area.

[0082] Providing assurance to the operation and integrity of anoperating system across a plurality of networked computer systems; anapplications system in a computer system; an applications system acrossa plurality of networked computer systems; a backup and recovery systemin a computer system; and, a backup and recovery system across aplurality of networked computerized systems.

[0083] Permitting creation and use of one-time pad cryptography betweenand/or among a plurality of storage devices and/or computer systems.

[0084] Whereas particular embodiments of the invention have beendescribed herein for the purpose of illustrating the invention and notfor the purpose of limiting the same, it can be appreciated by those ofordinary skill in the art that numerous variations of the details,materials and arrangement of parts may be made within the principle andscope of the invention without departing from the invention as describedin the appended claims.

What is claimed is:
 1. A method for promoting security in a computersystem having an operating system in operative connection with at leastone storage device, wherein said storage device includes a processor andfirmware for processing data stored on said storage device, said methodcomprising: partitioning at least a portion of said storage device toform a security partition having at least one authority record and atleast one data set associated with said authority record; limitingaccess to at least a portion of said storage device by said operatingsystem of said computer system.
 2. The method of claim 1, wherein saidcomputer system includes a networked computer system.
 3. The method ofclaim 1, wherein at least a portion of said storage device firmwarecomprises writeable firmware.
 4. The method of claim 1, wherein at leasta portion of said storage device firmware comprises non-writeablefirmware.
 5. The method of claim 1, further comprising transporting datato said storage device only in connection with execution of saidfirmware of said storage device.
 6. The method of claim 1, wherein saidstorage device is configured in accordance with a protocol selected fromthe group consisting of ATA protocol and SCSI protocol.
 7. The method ofclaim 1, wherein said partitioning step occurs on a low-level formattingportion of said storage device.
 8. The method of claim 1, furthercomprising adding data to said storage device in an orientation selectedfor promoting identification of remaining data storage space on saidstorage device.
 9. The method of claim 1, further comprising saidsecurity partition having a master authority record.
 10. The method ofclaim 9, further comprising said master authority record governing allsaid authority records in said storage device.
 11. The method of claim1, further comprising translating information from a master authorityrecord included in said storage device to a group authority in saidoperating system.
 12. The method of claim 1, further comprising writingsaid security partition using a security partition open call.
 13. Themethod of claim 12, further comprising closing said security partitionafter a predetermined time interval.
 14. The method of claim 1, furthercomprising reading said security partition using a security partitionopen call.
 15. The method of claim 14, further comprising closing saidsecurity partition after a predetermined time interval.
 16. The methodof claim 1, wherein said authority record includes a public-private keypair for authenticating data originating from said security partition.17. The method of claim 16, wherein said authority record includes asecond public-private key pair for ensuring data can only be sent tosaid security partition and no other location for storing said data. 18.The method of claim 1, further comprising storing a symmetric key onsaid storage device.
 19. The method of claim 1, further comprising usinga private key for decoding a passcode transmitted to said authorityrecord of said storage device.
 20. The method of claim 1, furthercomprising encrypting at least a portion of said data in said securitypartition.
 21. The method of claim 1, further comprising encrypting dataon said storage device so that only an external agent can decrypt saidencrypted data.
 22. The method of claim 1, further comprising providingno method for decrypting data stored on said storage device withinformation available on said storage device.
 23. The method of claim 1,further comprising hiding at least one field of said authority record.24. The method of claim 1, further comprising storing a hash of code ina passcode field of said authority record.
 25. The method of claim 1,further comprising securing a symmetric key by encrypting said symmetrickey with a public key of said authority record, and hiding a private keyin said authority record, thereby permitting only said hidden privatekey to decode said symmetric key.
 26. The method of claim 1, furthercomprising storing at least one public key in said storage device. 27.The method of claim 1, further comprising storing at least one privatekey in said storage device.
 28. The method of claim 1, furthercomprising declaring at least a portion of data in said securitypartition to be write-once.
 29. The method of claim 1, furthercomprising permitting only a predetermined user to access a masterauthority record of said security partition.
 30. The method of claim 1,wherein said authority record includes at least one nonce.
 31. Themethod of claim 30, further comprising encrypting said nonce with apublic key.
 32. The method of claim 1, wherein said authority recordincludes at least one time value associated with processing of a portionof data stored on said storage device.
 33. The method of claim 32,wherein said time value is selected from the group consisting of a starttime and an end time.
 34. The method of claim 1, further comprisingstoring call authentication data on said storage device.
 35. A systemfor promoting security in a computer system having an operating systemin operative connection with at least one storage device, wherein saidstorage device includes a processor and firmware for processing datastored on said storage device, said system for promoting securitycomprising: a security partition formed in said storage device having atleast one authority record and at least one data set associated withsaid authority record; wherein access to said security partition in saidstorage device by said operating system of said computer system islimited.
 36. The system of claim 35, wherein said computer systemincludes a networked computer system.
 37. The system of claim 35,wherein at least a portion of said storage device firmware compriseswriteable firmware.
 38. The system of claim 35, wherein at least aportion of said storage device firmware comprises non-writeablefirmware.
 39. The system of claim 35, wherein said storage device isconfigured in accordance with a protocol selected from the groupconsisting of ATA protocol and SCSI protocol.
 40. The system of claim35, wherein said security partition is formed on a low-level formattingportion of said storage device.
 41. The system of claim 35, furthercomprising said security partition having a master authority record. 42.The system of claim 41, further comprising said master authority recordbeing in operative association with a group authority in said operatingsystem.
 43. The system of claim 35, wherein said authority recordincludes a public-private key pair for authenticating data originatingfrom said security partition.
 44. The system of claim 43, wherein saidauthority record includes a second public-private key pair for ensuringdata can only be sent to said security partition and no other locationfor storing said data.
 45. The system of claim 35, further comprising asymmetric key stored on said storage device.
 46. The system of claim 35,further comprising encrypted data stored on said storage device.
 47. Thesystem of claim 35, further comprising at least one hidden field in saidauthority record.
 48. The system of claim 35, further comprising saidauthority record having a passcode field.
 49. The system of claim 35,further comprising a hidden key stored in said storage device.
 50. Thesystem of claim 35, further comprising at least one public key stored insaid storage device.
 51. The system of claim 35, further comprising atleast one private key stored in said storage device.
 52. The system ofclaim 35, wherein said authority record includes at least one nonce. 53.The system of claim 35, wherein said authority record includes at leastone time value associated with processing of a portion of data stored onsaid storage device.
 54. The system of claim 53, wherein said time valueis selected from the group consisting of a start time and an end time.55. The system of claim 35, further comprising call authentication datastored on said storage device.
 56. A computer-readable medium containinginstructions for promoting security in a computer system having anoperating system in operative connection with at least one storagedevice, wherein said storage device includes a processor and firmwarefor processing data stored on said storage device, said mediumcomprising: instructions for partitioning at least a portion of saidstorage device to form a security partition having at least oneauthority record and at least one data set associated with saidauthority record; instructions for limiting access to at least a portionof said storage device by said operating system of said computer system.57. The medium of claim 56, wherein said computer system includes anetworked computer system.
 58. The medium of claim 56, wherein at leasta portion of said storage device firmware comprises writeable firmware.59. The medium of claim 56, wherein at least a portion of said storagedevice firmware comprises non-writeable firmware.
 60. The medium ofclaim 56, further comprising instructions for transporting data to saidstorage device only in connection with execution of said firmware ofsaid storage device.
 61. The medium of claim 56, wherein said storagedevice is configured in accordance with a protocol selected from thegroup consisting of ATA protocol and SCSI protocol.
 62. The medium ofclaim 56, wherein said instructions for partitioning includeinstructions for partitioning in a low-level formatting portion of saidstorage device.
 63. The medium of claim 56, further comprisinginstructions for adding data to said storage device in an orientationselected for promoting identification of remaining data storage space onsaid storage device.
 64. The medium of claim 56, further comprising saidsecurity partition having a master authority record.
 65. The medium ofclaim 64, further comprising said master authority record includinginstructions for governing all said authority records in said storagedevice.
 66. The medium of claim 56, further comprising instructions fortranslating information from a master authority record included in saidstorage device to a group authority in said operating system.
 67. Themedium of claim 56, further comprising instructions for writing saidsecurity partition using a security partition open call.
 68. The mediumof claim 67, further comprising instructions for closing said securitypartition after a predetermined time interval.
 69. The medium of claim56, further comprising instructions for reading said security partitionusing a security partition open call.
 70. The medium of claim 69,further comprising instructions for closing said security partitionafter a predetermined time interval.
 71. The medium of claim 56, whereinsaid authority record includes a public-private key pair forauthenticating data originating from said security partition.
 72. Themedium of claim 71, wherein said authority record includes a secondpublic-private key pair for ensuring data can only be sent to saidsecurity partition and no other location for storing said data.
 73. Themedium of claim 56, further comprising instructions for storing asymmetric key on said storage device.
 74. The medium of claim 56,further comprising instructions for using a private key for decoding apasscode transmitted to said authority record of said storage device.75. The medium of claim 56, further comprising instructions forencrypting at least a portion of said data in said security partition.76. The medium of claim 56, further comprising instructions forencrypting data on said storage device so that only an external agentcan decrypt said encrypted data.
 77. The medium of claim 56, furthercomprising instructions for hiding at least one field of said authorityrecord.
 78. The medium of claim 56, further comprising instructions forstoring a hash of code in a passcode field of said authority record. 79.The medium of claim 56, further comprising instructions for securing asymmetric key by encrypting said symmetric key with a public key of saidauthority record, and instructions for hiding a private key in saidauthority record, thereby permitting only said hidden private key todecode said symmetric key.
 80. The medium of claim 56, furthercomprising instructions for storing at least one public key in saidstorage device.
 81. The medium of claim 56, further comprisinginstructions for storing at least one private key in said storagedevice.
 82. The medium of claim 56, further comprising instructions fordeclaring at least a portion of data in said security partition to bewrite-once.
 83. The medium of claim 56, further comprising instructionsfor permitting only a predetermined user to access a master authorityrecord of said security partition.
 84. The medium of claim 56, whereinsaid authority record includes at least one nonce.
 85. The medium ofclaim 84, further comprising instructions for encrypting said nonce witha public key.
 86. The medium of claim 56, wherein said authority recordincludes at least one time value associated with processing of a portionof data stored on said storage device.
 87. The medium of claim 86,wherein said time value is selected from the group consisting of a starttime and an end time.
 88. The medium of claim 56, further comprisinginstructions for storing call authentication data on said storagedevice.
 89. A system for promoting security in a computer system havingan operating system in operative connection with at least one storagedevice, wherein said storage device includes a processor and firmwarefor processing data stored on said storage device, said system forpromoting security comprising: means for partitioning at least a portionof said storage device to form a security partition having at least oneauthority record and at least one data set associated with saidauthority record; means for limiting access to at least a portion ofsaid storage device by said operating system of said computer system.90. The system of claim 89, wherein said computer system includes anetworked computer system.
 91. The system of claim 89, wherein at leasta portion of said storage device firmware comprises writeable firmware.92. The system of claim 89, wherein at least a portion of said storagedevice firmware comprises non-writeable firmware.
 93. The system ofclaim 89, further comprising means for transporting data to said storagedevice only in connection with execution of said firmware of saidstorage device.
 94. The system of claim 89, wherein said storage deviceis configured in accordance with a protocol selected from the groupconsisting of ATA protocol and SCSI protocol.
 95. The system of claim89, wherein said means for partitioning partitions a low-levelformatting portion of said storage device.
 96. The system of claim 89,further comprising means for adding data to said storage device in anorientation selected for promoting identification of remaining datastorage space on said storage device.
 97. The system of claim 89,further comprising said security partition having a master authorityrecord.
 98. The system of claim 97, further comprising means for saidmaster authority record to govern all said authority records in saidstorage device.
 99. The system of claim 89, further comprising means fortranslating information from a master authority record included in saidstorage device to a group authority in said operating system.
 100. Thesystem of claim 89, further comprising means for writing said securitypartition using a security partition open call.
 101. The system of claim100, further comprising means for closing said security partition aftera predetermined time interval.
 102. The system of claim 89, furthercomprising means for reading said security partition using a securitypartition open call.
 103. The system of claim 102, further comprisingmeans for closing said security partition after a predetermined timeinterval.
 104. The system of claim 89, wherein said authority recordincludes a public-private key pair for authenticating data originatingfrom said security partition.
 105. The system of claim 104, wherein saidauthority record includes a second public-private key pair for ensuringdata can only be sent to said security partition and no other locationfor storing said data.
 106. The system of claim 89, further comprisingmeans for storing a symmetric key on said storage device.
 107. Thesystem of claim 89, further comprising means for using a private key fordecoding a passcode transmitted to said authority record of said storagedevice.
 108. The system of claim 89, further comprising means forencrypting at least a portion of said data in said security partition.109. The system of claim 89, further comprising means for encryptingdata on said storage device so that only an external agent can decryptsaid encrypted data.
 110. The system of claim 89, further comprisingmeans for providing no system for decrypting data stored on said storagedevice with information available on said storage device.
 111. Thesystem of claim 89, further comprising means for hiding at least onefield of said authority record.
 112. The system of claim 89, furthercomprising means for storing a hash of code in a passcode field of saidauthority record.
 113. The system of claim 89, further comprising meansfor securing a symmetric key by encrypting said symmetric key with apublic key of said authority record, and means for hiding a private keyin said authority record, thereby permitting only said hidden privatekey to decode said symmetric key.
 114. The system of claim 89, furthercomprising means for storing at least one public key in said storagedevice.
 115. The system of claim 89, further comprising means forstoring at least one private key in said storage device.
 116. The systemof claim 89, further comprising means for declaring at least a portionof data in said security partition to be write-once.
 117. The system ofclaim 89, further comprising means for permitting only a predetermineduser to access a master authority record of said security partition.118. The system of claim 89, wherein said authority record includes atleast one nonce.
 119. The system of claim 118, further comprising meansfor encrypting said nonce with a public key.
 120. The system of claim89, wherein said authority record includes at least one time valueassociated with processing of a portion of data stored on said storagedevice.
 121. The system of claim 120, wherein said time value isselected from the group consisting of a start time and an end time. 122.The system of claim 89, further comprising means for storing callauthentication data on said storage device.